ADP DataCloud is searching for a passionate, hands-on, innovative, results oriented Senior Security Engineer for our high-performance DataCloud Information Security Team. At ADP DataCloud, Security is job zero. Our team is responsible for inventing new security services that enable and automate security solutions, while reinforcing existing security postures in a hybrid environment at an unprecedented scale. Our team offers the unique opportunity for engineers to collaborate with leading industry security and engineering experts, in a BigData and Global environment. You will lead cross-team engineers and technical program managers to engineer the solutions that will radically reduce the human cost associated with patching by building the automation mechanisms to ingest, assess, report and continuously monitor the security state of assets across DataCloud’s infrastructure. We are data-driven, set big goals and are always challenging ourselves and each other to identify better solutions.
As a Senior Security Engineer in ADP DataCloud what will your role entail?
- Working with various teams to build, test, and deploy security solutions in hybrid environments.
- Working with developers to deliver security as a service for applications and infrastructure running in hybrid environments. This includes multilayer security services, as well as policy as code for automated governance processing.
- Working with developers to establish SecOps to NoOps culture, empowering developers with next generation self-service options.
- Collaboration with technical and business stakeholders across the organization, from engineers to leadership, to operationalize these efforts.
- Establishing security automation as a service.
A successful candidate will have a strong command of designing and implementing our Security principles in our CI/CD pipelines, On Premise Initiatives and Cloud initiatives, working side-by-side with our Architecture & Application Development teams. This is a senior position responsible for developing innovative, flexible and scalable solutions, driving the automation and adoption of SecDevOps processes both on premise and on the Cloud. Said candidate will be a deeply curious individual who brings technical and business expertise and has experience using cutting edge technology to develop innovative solutions to complex technical challenges at incredible scale.
We believe people make great companies, not the other way around. Our people make all the difference in delivering innovative HR technologies and solutions that help employees all over the world do their jobs better. The result? We’re building the next generation of ADP technologies.
- Collaborate with DataCloud Information Security Architect, Developers, Data Scientists and System Engineers to capture functional and non-functional requirements.
- Support all products within functional area, from build to implementation and ongoing performance according to business and global security needs.
- Build and advocate for new solutions to undefined system needs, where no solution is available with the technical community.
- Build and implement extensions to our SecDevOps and CI/CD tools.
- Build, implement and drive the adoption of containers (Docker, Kubernetes) with a strong security emphasis.
- Build and, implement and drive the adoption of cloud security solutions (AWS).
- Impact the DevOps function by contributing to technical build and strategic implementation decisions.
- Mentor peer engineers.
- Appropriately identify risk when engineering decisions are made, demonstrating particular consideration for DataCloud’s reputation and safeguarding ADP, its clients, associates and assets, by driving compliance with applicable standards, adhering to Policy, applying sound ethical judgement regarding personal behavior, conduct and business practices, and escalating and reporting control issues with transparency.
- Create new solutions in order to push the boundaries of our automation capabilities.
- Innovate proper security builds, diagrams and documentation of the implemented solutions.
- Provide technical leadership and coaching to other non-security team members.
- Use Agile methods (Scrum/Kanban) to organize project deliverables, to track and to report progress.
- Support software security operations, test and debug programs, both in Lab and Production environments.
- Expert in SecOps and CI/CD practices and tools (Jenkins, Ansible, Git, CloudFormation/Terraform, Checkmarx, XRay or similar)
- Strong experience with Configuration Management concepts tools and implementations (Chef, Puppet, BakerCM, or similar)
- Strong experience with application telemetry, monitoring and alerting solutions (Dynatrace, PagerDuty, Splunk, CloudWatch, Flowdock, or similar)
- Strong experience with Cloud solutions i.e. AWS (VPC, EC2, S3, ECS, EKS, Fargate, RDS, Macie, Security Hub, Guard, Detector, etc.)
- Strong experience with Security Compliance tooling (Crowdstrike, Qualys, Dome9 or similar)
- Strong experience with Vault solutions
- Strong experience with containers (Docker, Kubernetes)
- Strong programming skills in Python (or equivalent)
- Strong programming skills with Linux Schell scripts i.e. Bash or similar
- Strong understanding of TCP/IP, basic and advanced routing protocols (OSPF, BGP) and related Internet protocols
- Strong knowledge and understanding of vulnerability/patch management and malware protection
- Strong background in cryptography, encryption, masking or similar
- Strong knowledge and understanding of network and internet protocols with the ability to articulate how it functions when applied to the technologies we use (SAML, SCIM, OAuth, SMTP, DNS)
- Strong Experience working and configuring security controls on endpoint Solutions (EDR & MDM), GSuite Administration, SSOs, Data Loss Prevention, and Network Firewalls
- Knowledge of potential attack vectors such as XSS, injection, hijacking, social engineering, and so on
- Strong Experience with networking (HTTP, HTTPS, Telnet, SSH, Firewall, VPN, Routing and Load Balancing)
- Strong Experience with Linux and open source software
- Programming skills on other languages i.e. Groovy, Java, PHP, NodeJs or others
- Experience with code-quality and automated testing (Sonar, Junit, Selenium or similar)
- Experience with markup languages (JSON, XML, YAML)
- Experience with API standards (REST, SOAP)
- Experience with SQL and NoSQL databases (Oracle, MongoDb, Redis)
- Good understanding of agile development
- Strong written and verbal communication skills
- Bachelor’s degree in Security Engineering or related discipline is desirable
- 5+ years of hands-on experience delivering robust Security Engineering (SecOps) solutions
- 10+ years of experience with high performing IT projects
Explore our COVID-19 page https://jobs.adp.com/covid19/ to understand how ADP is approaching safety, travel, the hiring interview process, and more.
Diversity, Equity, Inclusion & Equal Employment Opportunity at ADP: ADP affirms that inequality is detrimental to our associates, our clients, and the communities we serve. Our goal is to impact lasting change through our actions. Together, we unite for equality and equity. ADP is committed to equal employment opportunities regardless of any protected characteristic, including race, color, genetic information, creed, national origin, religion, sex, affectional or sexual orientation, gender identity or expression, lawful alien status, ancestry, age, marital status, or protected veteran status and will not discriminate against anyone on the basis of a disability. We support an inclusive workplace where associates excel based on personal merit, qualifications, experience, ability, and job performance.
Ethics at ADP: ADP has a long, proud history of conducting business with the highest ethical standards and full compliance with all applicable laws. We also expect our people to uphold our values with the highest level of integrity and behave in a manner that fosters an honest and respectful workplace. Click https://jobs.adp.com/life-at-adp/ to learn more about ADP’s culture and our full set of values.